The present invention generally relates to securing sensitive information and more specifically relates to secure and usable authentication for health care information access.
In the course of providing health care to patients, health care providers such as hospitals, medical offices, doctors, and nurses will document relevant patient information such as a patient's medical history and the patient's course of care for each patient in a patient's medical records. The purpose of keeping a medical record for a patient includes allowing subsequent health care providers who are treating the patient to provide continuity of care to that patient.
Because a patient's medical record is highly sensitive, great care must be taken to ensure that a patient's medical record is available to an authorized doctor or nurse only when the doctor or nurse needs it in order to treat the patient. However, the layers of security implemented to protect the patient's medical record may often make it cumbersome for the doctor or nurse to quickly and easily access the patient's medical record, thus causing the doctor or nurse to unnecessarily waste time and possibly inconveniencing the patient in order to gain access to the patient's medical records.